void
ws_802_1x_fill_connection (WirelessSecurity *sec,
const char *combo_name,
NMConnection *connection)
{
GtkWidget *widget;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
NMSetting8021x *s_8021x;
EAPMethod *eap = NULL;
GtkTreeModel *model;
GtkTreeIter iter;
s_wireless = nm_connection_get_setting_wireless (connection);
g_assert (s_wireless);
g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL);
/* Blow away the old wireless security setting by adding a clear one */
s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);
/* Blow away the old 802.1x setting by adding a clear one */
s_8021x = (NMSetting8021x *) nm_setting_802_1x_new ();
nm_connection_add_setting (connection, (NMSetting *) s_8021x);
widget = GTK_WIDGET (gtk_builder_get_object (sec->builder, combo_name));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
gtk_tree_model_get (model, &iter, AUTH_METHOD_COLUMN, &eap, -1);
g_assert (eap);
eap_method_fill_connection (eap, connection);
eap_method_unref (eap);
}
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
WirelessSecurityWPAPSK *wpa_psk = (WirelessSecurityWPAPSK *) parent;
GtkWidget *widget, *passwd_entry;
const char *key;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
NMSettingSecretFlags secret_flags;
const char *mode;
gboolean is_adhoc = FALSE;
s_wireless = nm_connection_get_setting_wireless (connection);
g_assert (s_wireless);
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
/* Blow away the old security setting by adding a clear one */
s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry"));
passwd_entry = widget;
key = gtk_entry_get_text (GTK_ENTRY (widget));
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL);
/* Save PSK_FLAGS to the connection */
secret_flags = nma_utils_menu_to_secret_flags (passwd_entry);
nm_setting_set_secret_flags (NM_SETTING (s_wireless_sec), NM_SETTING_WIRELESS_SECURITY_PSK,
secret_flags, NULL);
/* Update secret flags and popup when editing the connection */
if (wpa_psk->editing_connection)
nma_utils_update_password_storage (passwd_entry, secret_flags,
NM_SETTING (s_wireless_sec), wpa_psk->password_flags_name);
wireless_security_clear_ciphers (connection);
if (is_adhoc) {
/* Ad-Hoc settings as specified by the supplicant */
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
nm_setting_wireless_security_add_proto (s_wireless_sec, "wpa");
nm_setting_wireless_security_add_pairwise (s_wireless_sec, "none");
/* Ad-hoc can only have _one_ group cipher... default to TKIP to be more
* compatible for now. Maybe we'll support selecting CCMP later.
*/
nm_setting_wireless_security_add_group (s_wireless_sec, "tkip");
} else {
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);
/* Just leave ciphers and protocol empty, the supplicant will
* figure that out magically based on the AP IEs and card capabilities.
*/
}
}
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
GtkWidget *widget;
const char *key;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
const char *mode;
gboolean is_adhoc = FALSE;
s_wireless = NM_SETTING_WIRELESS (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS));
g_assert (s_wireless);
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL);
/* Blow away the old security setting by adding a clear one */
s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);
widget = glade_xml_get_widget (parent->xml, "wpa_psk_entry");
key = gtk_entry_get_text (GTK_ENTRY (widget));
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL);
wireless_security_clear_ciphers (connection);
if (is_adhoc) {
/* Ad-Hoc settings as specified by the supplicant */
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
nm_setting_wireless_security_add_proto (s_wireless_sec, "wpa");
nm_setting_wireless_security_add_pairwise (s_wireless_sec, "none");
/* Ad-hoc can only have _one_ group cipher... default to TKIP to be more
* compatible for now. Maybe we'll support selecting CCMP later.
*/
nm_setting_wireless_security_add_group (s_wireless_sec, "tkip");
} else {
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);
/* Just leave ciphers and protocol empty, the supplicant will
* figure that out magically based on the AP IEs and card capabilities.
*/
}
}
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
WirelessSecurityWEPKey *sec = (WirelessSecurityWEPKey *) parent;
NMSettingWirelessSecurity *s_wsec;
NMSettingSecretFlags secret_flags;
GtkWidget *widget, *passwd_entry;
gint auth_alg;
const char *key;
int i;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_combo"));
auth_alg = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry"));
passwd_entry = widget;
key = gtk_entry_get_text (GTK_ENTRY (widget));
g_strlcpy (sec->keys[sec->cur_index], key, sizeof (sec->keys[sec->cur_index]));
/* Blow away the old security setting by adding a clear one */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wsec);
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX, sec->cur_index,
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, (auth_alg == 1) ? "shared" : "open",
NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE, sec->type,
NULL);
for (i = 0; i < 4; i++) {
if (strlen (sec->keys[i]))
nm_setting_wireless_security_set_wep_key (s_wsec, i, sec->keys[i]);
}
/* Save WEP_KEY_FLAGS to the connection */
secret_flags = nma_utils_menu_to_secret_flags (passwd_entry);
g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_WEP_KEY_FLAGS, secret_flags, NULL);
/* Update secret flags and popup when editing the connection */
if (sec->editing_connection)
nma_utils_update_password_storage (passwd_entry, secret_flags,
NM_SETTING (s_wsec), sec->password_flags_name);
}
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
WirelessSecurityWEPKey *sec = (WirelessSecurityWEPKey *) parent;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec;
GtkWidget *widget;
gint auth_alg;
const char *key;
int i;
widget = glade_xml_get_widget (parent->xml, "auth_method_combo");
auth_alg = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
widget = glade_xml_get_widget (parent->xml, "wep_key_entry");
key = gtk_entry_get_text (GTK_ENTRY (widget));
strcpy (sec->keys[sec->cur_index], key);
s_wireless = NM_SETTING_WIRELESS (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS));
g_assert (s_wireless);
g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL);
/* Blow away the old security setting by adding a clear one */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wsec);
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX, sec->cur_index,
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, (auth_alg == 1) ? "shared" : "open",
NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE, sec->type,
NULL);
for (i = 0; i < 4; i++) {
if (strlen (sec->keys[i]))
nm_setting_wireless_security_set_wep_key (s_wsec, i, sec->keys[i]);
}
}
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
WirelessSecurityLEAP *sec = (WirelessSecurityLEAP *) parent;
NMSettingWirelessSecurity *s_wireless_sec;
NMSettingSecretFlags secret_flags;
GtkWidget *widget, *passwd_entry;
const char *leap_password = NULL, *leap_username = NULL;
/* Blow away the old security setting by adding a clear one */
s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "leap_username_entry"));
leap_username = gtk_entry_get_text (GTK_ENTRY (widget));
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "leap_password_entry"));
passwd_entry = widget;
leap_password = gtk_entry_get_text (GTK_ENTRY (widget));
g_object_set (s_wireless_sec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "leap",
NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME, leap_username,
NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD, leap_password,
NULL);
/* Save LEAP_PASSWORD_FLAGS to the connection */
secret_flags = nma_utils_menu_to_secret_flags (passwd_entry);
nm_setting_set_secret_flags (NM_SETTING (s_wireless_sec), sec->password_flags_name,
secret_flags, NULL);
/* Update secret flags and popup when editing the connection */
if (sec->editing_connection)
nma_utils_update_password_storage (passwd_entry, secret_flags,
NM_SETTING (s_wireless_sec), sec->password_flags_name);
}
static NMSettingWirelessSecurity *
get_security_for_ap (NMAccessPoint *ap,
guint32 dev_caps,
gboolean *supported,
NMSetting8021x **s_8021x)
{
NMSettingWirelessSecurity *sec;
NM80211Mode mode;
guint32 flags;
guint32 wpa_flags;
guint32 rsn_flags;
g_return_val_if_fail (NM_IS_ACCESS_POINT (ap), NULL);
g_return_val_if_fail (supported != NULL, NULL);
g_return_val_if_fail (*supported == TRUE, NULL);
g_return_val_if_fail (s_8021x != NULL, NULL);
g_return_val_if_fail (*s_8021x == NULL, NULL);
sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
mode = nm_access_point_get_mode (ap);
flags = nm_access_point_get_flags (ap);
wpa_flags = nm_access_point_get_wpa_flags (ap);
rsn_flags = nm_access_point_get_rsn_flags (ap);
/* No security */
if ( !(flags & NM_802_11_AP_FLAGS_PRIVACY)
&& (wpa_flags == NM_802_11_AP_SEC_NONE)
&& (rsn_flags == NM_802_11_AP_SEC_NONE))
goto none;
/* Static WEP, Dynamic WEP, or LEAP */
if (flags & NM_802_11_AP_FLAGS_PRIVACY) {
if ((dev_caps & NM_WIFI_DEVICE_CAP_RSN) || (dev_caps & NM_WIFI_DEVICE_CAP_WPA)) {
/* If the device can do WPA/RSN but the AP has no WPA/RSN informatoin
* elements, it must be LEAP or static/dynamic WEP.
*/
if ((wpa_flags == NM_802_11_AP_SEC_NONE) && (rsn_flags == NM_802_11_AP_SEC_NONE)) {
g_object_set (sec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX, 0,
NULL);
return sec;
}
/* Otherwise, the AP supports WPA or RSN, which is preferred */
} else {
/* Device can't do WPA/RSN, but can at least pass through the
* WPA/RSN information elements from a scan. Since Privacy was
* advertised, LEAP or static/dynamic WEP must be in use.
*/
g_object_set (sec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX, 0,
NULL);
return sec;
}
}
/* Stuff after this point requires infrastructure */
if (mode != NM_802_11_MODE_INFRA) {
*supported = FALSE;
goto none;
}
/* WPA2 PSK first */
if ( (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
&& (dev_caps & NM_WIFI_DEVICE_CAP_RSN)) {
g_object_set (sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);
nm_setting_wireless_security_add_proto (sec, "rsn");
add_ciphers_from_flags (sec, rsn_flags, TRUE);
add_ciphers_from_flags (sec, rsn_flags, FALSE);
return sec;
}
/* WPA PSK */
if ( (wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
&& (dev_caps & NM_WIFI_DEVICE_CAP_WPA)) {
g_object_set (sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);
nm_setting_wireless_security_add_proto (sec, "wpa");
add_ciphers_from_flags (sec, wpa_flags, TRUE);
add_ciphers_from_flags (sec, wpa_flags, FALSE);
return sec;
}
/* WPA2 Enterprise */
if ( (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)
&& (dev_caps & NM_WIFI_DEVICE_CAP_RSN)) {
g_object_set (sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap", NULL);
nm_setting_wireless_security_add_proto (sec, "rsn");
add_ciphers_from_flags (sec, rsn_flags, TRUE);
add_ciphers_from_flags (sec, rsn_flags, FALSE);
*s_8021x = NM_SETTING_802_1X (nm_setting_802_1x_new ());
nm_setting_802_1x_add_eap_method (*s_8021x, "ttls");
g_object_set (*s_8021x, NM_SETTING_802_1X_PHASE2_AUTH, "mschapv2", NULL);
return sec;
}
/* WPA Enterprise */
if ( (wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)
&& (dev_caps & NM_WIFI_DEVICE_CAP_WPA)) {
g_object_set (sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap", NULL);
nm_setting_wireless_security_add_proto (sec, "wpa");
add_ciphers_from_flags (sec, wpa_flags, TRUE);
add_ciphers_from_flags (sec, wpa_flags, FALSE);
*s_8021x = NM_SETTING_802_1X (nm_setting_802_1x_new ());
nm_setting_802_1x_add_eap_method (*s_8021x, "ttls");
g_object_set (*s_8021x, NM_SETTING_802_1X_PHASE2_AUTH, "mschapv2", NULL);
return sec;
}
*supported = FALSE;
none:
g_object_unref (sec);
return NULL;
}
static void
update_wireless_security_setting_from_if_block(NMConnection *connection,
if_block *block)
{
gint wpa_l= strlen("wpa-");
gint wireless_l= strlen("wireless-");
if_data *curr = block->info;
const gchar* value = ifparser_getkey (block, "inet");
struct _Mapping mapping[] = {
{"psk", "psk"},
{"identity", "leap-username"},
{"password", "leap-password"},
{"key", "wep-key0"},
{"key-mgmt", "key-mgmt"},
{"group", "group"},
{"pairwise", "pairwise"},
{"proto", "proto"},
{"pin", "pin"},
{"wep-key0", "wep-key0"},
{"wep-key1", "wep-key1"},
{"wep-key2", "wep-key2"},
{"wep-key3", "wep-key3"},
{"wep-tx-keyidx", "wep-tx-keyidx"},
{ NULL, NULL}
};
struct _Mapping dupe_mapping[] = {
{"psk", normalize_psk},
{"identity", normalize_dupe},
{"password", normalize_dupe},
{"key", normalize_dupe_wireless_key},
{"key-mgmt", normalize_tolower},
{"group", normalize_tolower},
{"pairwise", normalize_tolower},
{"proto", normalize_tolower},
{"pin", normalize_dupe},
{"wep-key0", normalize_dupe_wireless_key},
{"wep-key1", normalize_dupe_wireless_key},
{"wep-key2", normalize_dupe_wireless_key},
{"wep-key3", normalize_dupe_wireless_key},
{"wep-tx-keyidx", normalize_dupe},
{ NULL, NULL}
};
struct _Mapping type_mapping[] = {
{"group", string_to_glist_of_strings},
{"pairwise", string_to_glist_of_strings},
{"proto", string_to_glist_of_strings},
{"wep-tx-keyidx", string_to_gpointerint},
{ NULL, NULL}
};
struct _Mapping free_type_mapping[] = {
{"group", slist_free_all},
{"pairwise", slist_free_all},
{"proto", slist_free_all},
{ NULL, NULL}
};
NMSettingWirelessSecurity *wireless_security_setting;
NMSettingWireless *s_wireless;
gboolean security = FALSE;
if(value && !strcmp("ppp", value)) {
return;
}
s_wireless = nm_connection_get_setting_wireless(connection);
g_return_if_fail(s_wireless);
nm_log_info (LOGD_SETTINGS, "update wireless security settings (%s).", block->name);
wireless_security_setting =
NM_SETTING_WIRELESS_SECURITY(nm_setting_wireless_security_new());
while(curr) {
if(strlen(curr->key) > wireless_l &&
!strncmp("wireless-", curr->key, wireless_l)) {
gchar *property_value = NULL;
gpointer typed_property_value = NULL;
const gchar* newkey = map_by_mapping(mapping, curr->key+wireless_l);
IfupdownStrDupeFunc dupe_func = map_by_mapping (dupe_mapping, curr->key+wireless_l);
IfupdownStrToTypeFunc type_map_func = map_by_mapping (type_mapping, curr->key+wireless_l);
GFreeFunc free_func = map_by_mapping (free_type_mapping, curr->key+wireless_l);
if(!newkey || !dupe_func)
goto next;
property_value = (*dupe_func) (curr->data, connection);
nm_log_info (LOGD_SETTINGS, "setting wireless security key: %s=%s",
newkey, property_value);
if (type_map_func) {
errno = 0;
typed_property_value = (*type_map_func) (property_value);
if(errno)
goto wireless_next;
}
g_object_set(wireless_security_setting,
newkey, typed_property_value ? typed_property_value : property_value,
NULL);
security = TRUE;
wireless_next:
g_free(property_value);
if (typed_property_value && free_func)
(*free_func) (typed_property_value);
} else if(strlen(curr->key) > wpa_l &&
!strncmp("wpa-", curr->key, wpa_l)) {
gchar *property_value = NULL;
gpointer typed_property_value = NULL;
const gchar* newkey = map_by_mapping(mapping, curr->key+wpa_l);
IfupdownStrDupeFunc dupe_func = map_by_mapping (dupe_mapping, curr->key+wpa_l);
IfupdownStrToTypeFunc type_map_func = map_by_mapping (type_mapping, curr->key+wpa_l);
GFreeFunc free_func = map_by_mapping (free_type_mapping, curr->key+wpa_l);
if(!newkey || !dupe_func)
goto next;
property_value = (*dupe_func) (curr->data, connection);
nm_log_info (LOGD_SETTINGS, "setting wpa security key: %s=%s",
newkey,
#ifdef DEBUG_SECRETS
property_value
#else /* DEBUG_SECRETS */
!strcmp("key", newkey) ||
!strcmp("leap-password", newkey) ||
!strcmp("pin", newkey) ||
!strcmp("psk", newkey) ||
!strcmp("wep-key0", newkey) ||
!strcmp("wep-key1", newkey) ||
!strcmp("wep-key2", newkey) ||
!strcmp("wep-key3", newkey) ||
NULL ?
"<omitted>" : property_value
#endif /* DEBUG_SECRETS */
);
if (type_map_func) {
errno = 0;
typed_property_value = (*type_map_func) (property_value);
if(errno)
goto wpa_next;
}
g_object_set(wireless_security_setting,
newkey, typed_property_value ? typed_property_value : property_value,
NULL);
security = TRUE;
wpa_next:
g_free(property_value);
if (free_func && typed_property_value)
(*free_func) (typed_property_value);
}
next:
curr = curr->next;
}
if (security)
nm_connection_add_setting (connection, NM_SETTING (wireless_security_setting));
}
static void
test_update_secrets_wifi (void)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
unsigned char tmpssid[] = { 0x31, 0x33, 0x33, 0x37 };
const char *wepkey = "11111111111111111111111111";
GHashTable *secrets;
GError *error = NULL;
char *uuid;
GByteArray *ssid;
gboolean success;
connection = nm_connection_new ();
g_assert (connection);
/* Connection setting */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
g_assert (s_con);
uuid = nm_utils_uuid_generate ();
g_object_set (s_con,
NM_SETTING_CONNECTION_ID, "Test Wireless",
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_AUTOCONNECT, FALSE,
NM_SETTING_CONNECTION_TYPE, NM_SETTING_WIRELESS_SETTING_NAME,
NULL);
g_free (uuid);
nm_connection_add_setting (connection, NM_SETTING (s_con));
/* Wireless setting */
s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
g_assert (s_wifi);
ssid = g_byte_array_sized_new (sizeof (tmpssid));
g_byte_array_append (ssid, &tmpssid[0], sizeof (tmpssid));
g_object_set (s_wifi,
NM_SETTING_WIRELESS_SSID, ssid,
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NULL);
g_byte_array_free (ssid, TRUE);
nm_connection_add_setting (connection, NM_SETTING (s_wifi));
/* Wifi security */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
g_assert (s_wsec);
g_object_set (G_OBJECT (s_wsec),
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NULL);
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
/* Build up the secrets hash */
secrets = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, value_destroy);
g_hash_table_insert (secrets, NM_SETTING_WIRELESS_SECURITY_WEP_KEY0, string_to_gvalue (wepkey));
g_hash_table_insert (secrets, NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE, uint_to_gvalue (NM_WEP_KEY_TYPE_KEY));
success = nm_connection_update_secrets (connection,
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
secrets,
&error);
if (!success) {
/* Print the warning message before we assert success */
g_assert (error);
g_warning ("Error updating connection secrets: %s", error->message);
g_clear_error (&error);
}
g_assert (success);
}
void WifiStatusNM::setConnectedAccessPoint(WifiAccessPoint *ap, String psk) {
ScopedPointer<StringArray> cmd;
for (const auto& listener : listeners)
listener->handleWifiBusy();
// disconnect if no ap provided
if (ap == nullptr) {
NMActiveConnection *conn = nm_device_get_active_connection(nmdevice);
removeNMConnection(nmdevice, conn);
return;
}
// try to connect to ap, dispatch events on success and failure
else {
NMConnection *connection = NULL;
NMSettingWireless *s_wifi = NULL;
NMSettingWirelessSecurity *s_wsec = NULL;
const char *nm_ap_path = NULL;
const GPtrArray *ap_list;
NMAccessPoint *candidate_ap;
//FIXME: expand WifiAccessPoint struct to know which NMAccessPoint it is
ap_list = nm_device_wifi_get_access_points(NM_DEVICE_WIFI(nmdevice));
if (ap_list == NULL)
return;
for (int i = 0; i < ap_list->len; i++) {
const char *candidate_hash;
candidate_ap = (NMAccessPoint *) g_ptr_array_index(ap_list, i);
candidate_hash = utils_hash_ap(nm_access_point_get_ssid(candidate_ap),
nm_access_point_get_mode(candidate_ap),
nm_access_point_get_flags(candidate_ap),
nm_access_point_get_wpa_flags(candidate_ap),
nm_access_point_get_rsn_flags(candidate_ap));
if (ap->hash == candidate_hash) {
nm_ap_path = nm_object_get_path(NM_OBJECT(candidate_ap));
break;
}
}
if (!nm_ap_path)
return;
connecting = true;
connection = nm_connection_new();
s_wifi = (NMSettingWireless *) nm_setting_wireless_new();
nm_connection_add_setting(connection, NM_SETTING(s_wifi));
g_object_set(s_wifi,
NM_SETTING_WIRELESS_SSID, nm_access_point_get_ssid(candidate_ap),
NM_SETTING_WIRELESS_HIDDEN, false,
NULL);
if (!psk.isEmpty()) {
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new();
nm_connection_add_setting(connection, NM_SETTING(s_wsec));
if (nm_access_point_get_wpa_flags(candidate_ap) == NM_802_11_AP_SEC_NONE &&
nm_access_point_get_rsn_flags(candidate_ap) == NM_802_11_AP_SEC_NONE) {
/* WEP */
nm_setting_wireless_security_set_wep_key(s_wsec, 0, psk.toRawUTF8());
if (isValidWEPKeyFormat(psk))
g_object_set(G_OBJECT(s_wsec), NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE,
NM_WEP_KEY_TYPE_KEY, NULL);
else if (isValidWEPPassphraseFormat(psk))
g_object_set(G_OBJECT(s_wsec), NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE,
NM_WEP_KEY_TYPE_PASSPHRASE, NULL);
else
DBG("User input invalid WEP Key type, psk.length() = " << psk.length()
<< ", not in [5,10,13,26]");
} else {
g_object_set(s_wsec, NM_SETTING_WIRELESS_SECURITY_PSK, psk.toRawUTF8(), NULL);
}
}
nm_client_add_and_activate_connection(nmclient,
connection,
nmdevice,
nm_ap_path,
handle_add_and_activate_finish,
this);
}
}
void
cc_network_panel_connect_to_8021x_network (CcNetworkPanel *panel,
NMClient *client,
NMRemoteSettings *settings,
NMDevice *device,
const gchar *arg_access_point)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSetting8021x *s_8021x;
NM80211ApSecurityFlags wpa_flags, rsn_flags;
GtkWidget *dialog;
char *uuid;
NMAccessPoint *ap;
g_debug ("connect to 8021x wifi");
ap = nm_device_wifi_get_access_point_by_path (NM_DEVICE_WIFI (device), arg_access_point);
if (ap == NULL) {
g_warning ("didn't find access point with path %s", arg_access_point);
return;
}
/* If the AP is WPA[2]-Enterprise then we need to set up a minimal 802.1x
* setting and ask the user for more information.
*/
rsn_flags = nm_access_point_get_rsn_flags (ap);
wpa_flags = nm_access_point_get_wpa_flags (ap);
if (!(rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)
&& !(wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)) {
g_warning ("Network panel loaded with connect-8021x-wifi but the "
"access point does not support 802.1x");
return;
}
connection = nm_connection_new ();
/* Need a UUID for the "always ask" stuff in the Dialog of Doom */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
uuid = nm_utils_uuid_generate ();
g_object_set (s_con, NM_SETTING_CONNECTION_UUID, uuid, NULL);
g_free (uuid);
nm_connection_add_setting (connection, NM_SETTING (s_con));
s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
nm_connection_add_setting (connection, NM_SETTING (s_wifi));
g_object_set (s_wifi,
NM_SETTING_WIRELESS_SSID, nm_access_point_get_ssid (ap),
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NULL);
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap", NULL);
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
s_8021x = (NMSetting8021x *) nm_setting_802_1x_new ();
nm_setting_802_1x_add_eap_method (s_8021x, "ttls");
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_AUTH, "mschapv2", NULL);
nm_connection_add_setting (connection, NM_SETTING (s_8021x));
dialog = nma_wireless_dialog_new (client, settings, connection, device, ap, FALSE);
show_wireless_dialog (panel, client, settings, dialog);
}
static void
test_wifi_wpa_psk (const char *detail,
OptType key_type,
const char *key_data,
const unsigned char *expected,
size_t expected_size)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSettingIP4Config *s_ip4;
NMSupplicantConfig *config;
GHashTable *hash;
char *uuid;
gboolean success;
GError *error = NULL;
GByteArray *ssid;
const unsigned char ssid_data[] = { 0x54, 0x65, 0x73, 0x74, 0x20, 0x53, 0x53, 0x49, 0x44 };
GByteArray *bssid;
const unsigned char bssid_data[] = { 0x11, 0x22, 0x33, 0x44, 0x55, 0x66 };
const char *bssid_str = "11:22:33:44:55:66";
connection = nm_connection_new ();
ASSERT (connection != NULL,
detail, "failed to allocate new connection");
/* Connection setting */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
ASSERT (s_con != NULL,
detail, "failed to allocate new %s setting",
NM_SETTING_CONNECTION_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_con));
uuid = nm_utils_uuid_generate ();
g_object_set (s_con,
NM_SETTING_CONNECTION_ID, "Test Wifi WEP Key",
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_AUTOCONNECT, TRUE,
NM_SETTING_CONNECTION_TYPE, NM_SETTING_WIRELESS_SETTING_NAME,
NULL);
g_free (uuid);
/* Wifi setting */
s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
ASSERT (s_wifi != NULL,
detail, "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wifi));
ssid = g_byte_array_sized_new (sizeof (ssid_data));
g_byte_array_append (ssid, ssid_data, sizeof (ssid_data));
bssid = g_byte_array_sized_new (sizeof (bssid_data));
g_byte_array_append (bssid, bssid_data, sizeof (bssid_data));
g_object_set (s_wifi,
NM_SETTING_WIRELESS_SSID, ssid,
NM_SETTING_WIRELESS_BSSID, bssid,
NM_SETTING_WIRELESS_MODE, "infrastructure",
NM_SETTING_WIRELESS_BAND, "bg",
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NULL);
g_byte_array_free (ssid, TRUE);
g_byte_array_free (bssid, TRUE);
/* Wifi Security setting */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
ASSERT (s_wsec != NULL,
detail, "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk",
NM_SETTING_WIRELESS_SECURITY_PSK, key_data,
NULL);
nm_setting_wireless_security_add_proto (s_wsec, "wpa");
nm_setting_wireless_security_add_proto (s_wsec, "rsn");
nm_setting_wireless_security_add_pairwise (s_wsec, "tkip");
nm_setting_wireless_security_add_pairwise (s_wsec, "ccmp");
nm_setting_wireless_security_add_group (s_wsec, "tkip");
nm_setting_wireless_security_add_group (s_wsec, "ccmp");
/* IP4 setting */
s_ip4 = (NMSettingIP4Config *) nm_setting_ip4_config_new ();
ASSERT (s_ip4 != NULL,
detail, "failed to allocate new %s setting",
NM_SETTING_IP4_CONFIG_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
g_object_set (s_ip4, NM_SETTING_IP4_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_AUTO, NULL);
ASSERT (nm_connection_verify (connection, &error) == TRUE,
detail, "failed to verify connection: %s",
(error && error->message) ? error->message : "(unknown)");
config = nm_supplicant_config_new ();
ASSERT (config != NULL,
detail, "failed to create new supplicant config");
success = nm_supplicant_config_add_setting_wireless (config, s_wifi, TRUE, 0, TRUE);
ASSERT (success == TRUE,
detail, "failed to add wireless setting to supplicant config.");
success = nm_supplicant_config_add_setting_wireless_security (config,
s_wsec,
NULL,
"376aced7-b28c-46be-9a62-fcdf072571da");
ASSERT (success == TRUE,
detail, "failed to add wireless security to supplicant config.");
hash = nm_supplicant_config_get_hash (config);
ASSERT (hash != NULL,
detail, "failed to hash supplicant config options.");
validate_opt (detail, hash, "scan_ssid", TYPE_INT, GINT_TO_POINTER (1), -1);
validate_opt (detail, hash, "ssid", TYPE_BYTES, ssid_data, sizeof (ssid_data));
validate_opt (detail, hash, "bssid", TYPE_KEYWORD, bssid_str, -1);
validate_opt (detail, hash, "key_mgmt", TYPE_KEYWORD, "WPA-PSK", -1);
validate_opt (detail, hash, "proto", TYPE_KEYWORD, "WPA RSN", -1);
validate_opt (detail, hash, "pairwise", TYPE_KEYWORD, "TKIP CCMP", -1);
validate_opt (detail, hash, "group", TYPE_KEYWORD, "TKIP CCMP", -1);
validate_opt (detail, hash, "psk", key_type, expected, expected_size);
g_object_unref (connection);
}
static void
test_wifi_wep_key (const char *detail,
NMWepKeyType wep_type,
const char *key_data,
const unsigned char *expected,
size_t expected_size)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSettingIPConfig *s_ip4;
NMSupplicantConfig *config;
GHashTable *hash;
char *uuid;
gboolean success;
GError *error = NULL;
GBytes *ssid;
const unsigned char ssid_data[] = { 0x54, 0x65, 0x73, 0x74, 0x20, 0x53, 0x53, 0x49, 0x44 };
const char *bssid_str = "11:22:33:44:55:66";
connection = nm_simple_connection_new ();
/* Connection setting */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
nm_connection_add_setting (connection, NM_SETTING (s_con));
uuid = nm_utils_uuid_generate ();
g_object_set (s_con,
NM_SETTING_CONNECTION_ID, "Test Wifi WEP Key",
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_AUTOCONNECT, TRUE,
NM_SETTING_CONNECTION_TYPE, NM_SETTING_WIRELESS_SETTING_NAME,
NULL);
g_free (uuid);
/* Wifi setting */
s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
nm_connection_add_setting (connection, NM_SETTING (s_wifi));
ssid = g_bytes_new (ssid_data, sizeof (ssid_data));
g_object_set (s_wifi,
NM_SETTING_WIRELESS_SSID, ssid,
NM_SETTING_WIRELESS_BSSID, bssid_str,
NM_SETTING_WIRELESS_MODE, "infrastructure",
NM_SETTING_WIRELESS_BAND, "bg",
NULL);
g_bytes_unref (ssid);
/* Wifi Security setting */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE, wep_type,
NULL);
nm_setting_wireless_security_set_wep_key (s_wsec, 0, key_data);
/* IP4 setting */
s_ip4 = (NMSettingIPConfig *) nm_setting_ip4_config_new ();
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
g_object_set (s_ip4, NM_SETTING_IP_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_AUTO, NULL);
ASSERT (nm_connection_verify (connection, &error) == TRUE,
detail, "failed to verify connection: %s",
(error && error->message) ? error->message : "(unknown)");
config = nm_supplicant_config_new ();
g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE,
"*added 'ssid' value 'Test SSID'*");
g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE,
"*added 'scan_ssid' value '1'*");
g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE,
"*added 'bssid' value '11:22:33:44:55:66'*");
g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE,
"*added 'freq_list' value *");
success = nm_supplicant_config_add_setting_wireless (config, s_wifi, 0);
ASSERT (success == TRUE,
detail, "failed to add wireless setting to supplicant config.");
g_test_assert_expected_messages ();
g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE,
"*added 'key_mgmt' value 'NONE'");
g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE,
"*added 'wep_key0' value *");
g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE,
"*added 'wep_tx_keyidx' value '0'");
success = nm_supplicant_config_add_setting_wireless_security (config,
s_wsec,
NULL,
"376aced7-b28c-46be-9a62-fcdf072571da");
ASSERT (success == TRUE,
detail, "failed to add wireless security to supplicant config.");
g_test_assert_expected_messages ();
hash = nm_supplicant_config_get_hash (config);
ASSERT (hash != NULL,
detail, "failed to hash supplicant config options.");
validate_opt (detail, hash, "scan_ssid", TYPE_INT, GINT_TO_POINTER (1), -1);
validate_opt (detail, hash, "ssid", TYPE_BYTES, ssid_data, sizeof (ssid_data));
validate_opt (detail, hash, "bssid", TYPE_KEYWORD, bssid_str, -1);
validate_opt (detail, hash, "key_mgmt", TYPE_KEYWORD, "NONE", -1);
validate_opt (detail, hash, "wep_tx_keyidx", TYPE_INT, GINT_TO_POINTER (0), -1);
validate_opt (detail, hash, "wep_key0", TYPE_BYTES, expected, expected_size);
g_object_unref (connection);
}
static void
nmt_page_wifi_constructed (GObject *object)
{
NmtPageWifiPrivate *priv = NMT_PAGE_WIFI_GET_PRIVATE (object);
NmtPageWifi *wifi = NMT_PAGE_WIFI (object);
NmtDeviceEntry *deventry;
NmtEditorSection *section;
NmtEditorGrid *grid;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec;
NmtNewtWidget *widget, *hbox, *subgrid;
NmtNewtWidget *mode, *band, *security, *entry;
NmtNewtStack *stack;
NMConnection *conn;
conn = nmt_editor_page_get_connection (NMT_EDITOR_PAGE (wifi));
s_wireless = nm_connection_get_setting_wireless (conn);
if (!s_wireless) {
nm_connection_add_setting (conn, nm_setting_wireless_new ());
s_wireless = nm_connection_get_setting_wireless (conn);
}
s_wsec = nm_connection_get_setting_wireless_security (conn);
if (!s_wsec) {
/* It makes things simpler if we always have a
* NMSettingWirelessSecurity; we'll hold a ref on one, and add
* it to and remove it from the connection as needed.
*/
s_wsec = NM_SETTING_WIRELESS_SECURITY (nm_setting_wireless_security_new ());
}
priv->s_wsec = g_object_ref_sink (s_wsec);
deventry = nmt_editor_page_device_get_device_entry (NMT_EDITOR_PAGE_DEVICE (object));
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MAC_ADDRESS,
deventry, "mac-address",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
section = nmt_editor_section_new (_("WI-FI"), NULL, TRUE);
grid = nmt_editor_section_get_body (section);
widget = nmt_newt_entry_new (40, NMT_NEWT_ENTRY_NONEMPTY);
g_object_bind_property_full (s_wireless, NM_SETTING_WIRELESS_SSID,
widget, "text",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE,
ssid_transform_to_entry,
ssid_transform_from_entry,
s_wireless, NULL);
nmt_editor_grid_append (grid, _("SSID"), widget, NULL);
widget = nmt_newt_popup_new (wifi_mode);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MODE,
widget, "active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("Mode"), widget, NULL);
mode = widget;
hbox = nmt_newt_grid_new ();
widget = nmt_newt_popup_new (wifi_band);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_BAND,
widget, "active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_newt_grid_add (NMT_NEWT_GRID (hbox), widget, 0, 0);
band = widget;
widget = nmt_newt_entry_numeric_new (10, 0, 255);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_CHANNEL,
widget, "text",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_newt_grid_add (NMT_NEWT_GRID (hbox), widget, 1, 0);
nmt_newt_widget_set_padding (widget, 1, 0, 0, 0);
g_object_bind_property_full (band, "active-id", widget, "visible",
G_BINDING_SYNC_CREATE,
band_transform_to_channel_visibility,
NULL, NULL, NULL);
g_object_bind_property_full (mode, "active-id", hbox, "visible",
G_BINDING_SYNC_CREATE,
mode_transform_to_band_visibility,
NULL, NULL, NULL);
nmt_editor_grid_append (grid, _("Channel"), hbox, NULL);
nmt_editor_grid_append (grid, NULL, nmt_newt_separator_new (), NULL);
widget = nmt_newt_popup_new (wifi_security);
nmt_editor_grid_append (grid, _("Security"), widget, NULL);
security = widget;
widget = nmt_newt_stack_new ();
stack = NMT_NEWT_STACK (widget);
/* none */
subgrid = nmt_editor_grid_new ();
nmt_newt_stack_add (stack, "none", subgrid);
/* wpa-personal */
subgrid = nmt_editor_grid_new ();
widget = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_PSK,
widget, "password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);
nmt_newt_stack_add (stack, "wpa-personal", subgrid);
/* "wpa-enterprise" */
// FIXME
widget = nmt_newt_label_new (_("(No support for wpa-enterprise yet...)"));
nmt_newt_stack_add (stack, "wpa-enterprise", widget);
/* wep-key */
subgrid = nmt_editor_grid_new ();
widget = entry = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Key"), widget, NULL);
widget = nmt_newt_popup_new (wep_index);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("WEP index"), widget, NULL);
nm_editor_bind_wireless_security_wep_key (s_wsec,
entry, "password",
widget, "active",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
widget = nmt_newt_popup_new (wep_auth);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Authentication"), widget, NULL);
nmt_newt_stack_add (stack, "wep-key", subgrid);
/* wep-passphrase */
subgrid = nmt_editor_grid_new ();
widget = entry = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);
widget = nmt_newt_popup_new (wep_index);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("WEP index"), widget, NULL);
nm_editor_bind_wireless_security_wep_key (s_wsec,
entry, "password",
widget, "active",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
widget = nmt_newt_popup_new (wep_auth);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Authentication"), widget, NULL);
nmt_newt_stack_add (stack, "wep-passphrase", subgrid);
/* "dynamic-wep" */
// FIXME
widget = nmt_newt_label_new (_("(No support for dynamic-wep yet...)"));
nmt_newt_stack_add (stack, "dynamic-wep", widget);
/* leap */
subgrid = nmt_editor_grid_new ();
widget = nmt_newt_entry_new (40, NMT_NEWT_ENTRY_NONEMPTY);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Username"), widget, NULL);
g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME,
widget, "text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD,
widget, "password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);
nmt_newt_stack_add (stack, "leap", subgrid);
nmt_editor_grid_append (grid, NULL, NMT_NEWT_WIDGET (stack), NULL);
g_object_bind_property (security, "active-id",
stack, "active-id",
G_BINDING_SYNC_CREATE);
nm_editor_bind_wireless_security_method (conn, s_wsec, security, "active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, NULL, nmt_newt_separator_new (), NULL);
widget = nmt_mac_entry_new (40, ETH_ALEN);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_BSSID,
widget, "mac-address",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("BSSID"), widget, NULL);
widget = nmt_mac_entry_new (40, ETH_ALEN);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_CLONED_MAC_ADDRESS,
widget, "mac-address",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("Cloned MAC address"), widget, NULL);
widget = nmt_mtu_entry_new ();
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MTU,
widget, "mtu",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("MTU"), widget, NULL);
nmt_editor_page_add_section (NMT_EDITOR_PAGE (wifi), section);
G_OBJECT_CLASS (nmt_page_wifi_parent_class)->constructed (object);
}
gboolean
nm_ap_utils_complete_connection (const GByteArray *ap_ssid,
const guint8 ap_bssid[ETH_ALEN],
NM80211Mode ap_mode,
guint32 ap_flags,
guint32 ap_wpa_flags,
guint32 ap_rsn_flags,
NMConnection *connection,
gboolean lock_bssid,
GError **error)
{
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSetting8021x *s_8021x;
const GByteArray *ssid;
const char *mode, *key_mgmt, *auth_alg, *leap_username;
gboolean adhoc = FALSE;
s_wifi = nm_connection_get_setting_wireless (connection);
g_assert (s_wifi);
s_wsec = nm_connection_get_setting_wireless_security (connection);
s_8021x = nm_connection_get_setting_802_1x (connection);
/* Fill in missing SSID */
ssid = nm_setting_wireless_get_ssid (s_wifi);
if (!ssid)
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_SSID, ap_ssid, NULL);
else if ( ssid->len != ap_ssid->len
|| memcmp (ssid->data, ap_ssid->data, ssid->len)) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_ERROR,
NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY,
"Setting SSID did not match AP SSID");
return FALSE;
}
if (lock_bssid && !nm_setting_wireless_get_bssid (s_wifi)) {
GByteArray *bssid;
bssid = g_byte_array_sized_new (ETH_ALEN);
g_byte_array_append (bssid, ap_bssid, ETH_ALEN);
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_BSSID, bssid, NULL);
g_byte_array_free (bssid, TRUE);
}
/* And mode */
mode = nm_setting_wireless_get_mode (s_wifi);
if (mode) {
gboolean valid = FALSE;
/* Make sure the supplied mode matches the AP's */
if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_INFRA)) {
if (ap_mode == NM_802_11_MODE_INFRA)
valid = TRUE;
} else if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_ADHOC)) {
if (ap_mode == NM_802_11_MODE_ADHOC)
valid = TRUE;
adhoc = TRUE;
}
if (valid == FALSE) {
g_set_error (error,
NM_SETTING_WIRELESS_ERROR,
NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY,
NM_SETTING_WIRELESS_MODE);
return FALSE;
}
} else {
mode = NM_SETTING_WIRELESS_MODE_INFRA;
if (ap_mode == NM_802_11_MODE_ADHOC) {
mode = NM_SETTING_WIRELESS_MODE_ADHOC;
adhoc = TRUE;
}
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_MODE, mode, NULL);
}
/* Security */
/* Open */
if ( !(ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
&& (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
&& (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
/* Make sure the connection doesn't specify security */
if (nm_setting_wireless_get_security (s_wifi) || s_wsec || s_8021x) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"AP is unencrypted but setting specifies security");
return FALSE;
}
return TRUE;
}
/* Everything else requires security */
g_object_set (G_OBJECT (s_wifi),
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NULL);
if (!s_wsec) {
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
}
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
leap_username = nm_setting_wireless_security_get_leap_username (s_wsec);
/* Ad-Hoc checks */
if (!verify_adhoc (s_wsec, s_8021x, adhoc, error))
return FALSE;
/* Static WEP, Dynamic WEP, or LEAP */
if ( (ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
&& (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
&& (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
const char *tag = "WEP";
gboolean is_dynamic_wep = FALSE;
if (!verify_leap (s_wsec, s_8021x, adhoc, error))
return FALSE;
if (leap_username) {
tag = "LEAP";
} else {
/* Static or Dynamic WEP */
if (!verify_dynamic_wep (s_wsec, s_8021x, adhoc, error))
return FALSE;
if (s_8021x || (key_mgmt && !strcmp (key_mgmt, "ieee8021x"))) {
is_dynamic_wep = TRUE;
tag = "Dynamic WEP";
}
}
/* Nothing WPA-related can be set */
if (!verify_no_wpa (s_wsec, tag, error))
return FALSE;
if (leap_username) {
/* LEAP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "leap",
NULL);
} else if (is_dynamic_wep) {
/* Dynamic WEP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
nm_setting_wireless_security_add_pairwise (s_wsec, "wep40");
nm_setting_wireless_security_add_pairwise (s_wsec, "wep104");
nm_setting_wireless_security_add_group (s_wsec, "wep40");
nm_setting_wireless_security_add_group (s_wsec, "wep104");
if (s_8021x) {
/* Dynamic WEP requires a valid 802.1x setting since we can't
* autocomplete 802.1x.
*/
if (!nm_setting_verify (NM_SETTING (s_8021x), NULL, error))
return FALSE;
}
} else {
/* Static WEP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NULL);
}
return TRUE;
}
/* WPA/RSN */
g_assert (ap_wpa_flags || ap_rsn_flags);
/* Ensure key management is valid for WPA */
if ((key_mgmt && !strcmp (key_mgmt, "ieee8021x")) || leap_username) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"WPA incompatible with non-EAP (original) LEAP or Dynamic WEP");
return FALSE;
}
/* 'shared' auth incompatible with any type of WPA */
if (auth_alg && strcmp (auth_alg, "open")) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"WPA incompatible with Shared Key authentication");
return FALSE;
}
if (!verify_no_wep (s_wsec, "WPA", error))
return FALSE;
if (!verify_wpa_psk (s_wsec, s_8021x, adhoc, ap_wpa_flags, ap_rsn_flags, error))
return FALSE;
if (!adhoc && !verify_wpa_eap (s_wsec, s_8021x, ap_wpa_flags, ap_rsn_flags, error))
return FALSE;
if (adhoc) {
g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
/* Ad-Hoc does not support RSN/WPA2 */
nm_setting_wireless_security_add_proto (s_wsec, "wpa");
nm_setting_wireless_security_add_pairwise (s_wsec, "none");
nm_setting_wireless_security_add_group (s_wsec, "tkip");
} else if (s_8021x) {
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
/* Leave proto/pairwise/group as client set them; if they are unset the
* supplicant will figure out the best combination at connect time.
*/
/* 802.1x also requires the client to completely fill in the 8021x
* setting. Since there's so much configuration required for it, there's
* no way it can be automatically completed.
*/
} else if ( (key_mgmt && !strcmp (key_mgmt, "wpa-psk"))
|| (ap_wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
|| (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)) {
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
/* Leave proto/pairwise/group as client set them; if they are unset the
* supplicant will figure out the best combination at connect time.
*/
} else {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"Failed to determine AP security information");
return FALSE;
}
return TRUE;
}
